1 / 18

A Cost Effective, Easy To Manage Way of Handling Different Types of Users….

A Cost Effective, Easy To Manage Way of Handling Different Types of Users…. Guest Users. Internal Users. 4. 5. 3. 0. 7. 1. 2. 6. Trusted Vendors. Visitors. IT Staff. Unknown. Contract Employees. Employees. Executives. Wireless Phone. Auth Type None. Auth Type Web Portal.

hewitt
Download Presentation

A Cost Effective, Easy To Manage Way of Handling Different Types of Users….

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Cost Effective, Easy To Manage Way of Handling Different Types of Users…. Guest Users Internal Users 4 5 3 0 7 1 2 6 Trusted Vendors Visitors IT Staff Unknown Contract Employees Employees Executives Wireless Phone Auth Type None Auth Type Web Portal Auth Type Web Portal Auth Type Web Portal Auth Type MAC Auth Type Web Portal Auth Type 802.1X Auth Type 802.1X • Network Privileges • Captive Portal Only • Network Privileges • Captive Portal • Internet Access • Network Privileges • Captive Portal • VPN Access • Internet Access • Network Privileges • Captive Portal • VPN Access • Internet Access • Limited Internal Access • Network Privileges • Limited Internal Access • Network Privileges • Captive Portal • Internet Access • Extended Internal Applications • Customer Records • Network Privileges • Captive Portal • VPN Access • Internet Access • Extended Internal Applications • Customer Records • Network Privileges • Captive Portal • VPN Access • Internet Access • Full Internal Access • Management Access Compliancy Check None Compliancy Check Every session Compliancy Check Every Day Compliancy Check 7 days Compliancy Check None Compliancy Check Every Month and Critical updates Compliancy Check 7 days and Critical updates Compliancy Check Every Month and Critical updates

  2. 3Com Network Access Control in the Connectivity Plane Client-Based Authentication (802.1X) Authorization ELSE / OR Authenticated via 802.1x or RADA Policy Enforced Access Clientless-Based Authentication (RADA) Quarantine System 3Com NMS Real time monitoring & policy enforcement 3Com NAM with EMS or 3ND 2.5 Quarantined Client Client Device

  3. 3Com Network Access Manager Windows Server,“Plug-in” simplifying Network Login (802.1X) and RADA administration. Integrates with existing User Inventory and settings (IAS & Active Directory) Manages & deploys Network Login or RADA in hours rather then days Rule based network access administration, allows to delegate network administration to non-technical staff through AD operator interface Pro-active, Blacklist unauthorized users and end-stations with single click How is our Solution Managed?Network Access Manager, 3ND and EMS

  4. TippingPoint IPS

  5. Selected customers

  6. Validated and Proven Expertise ICSA Labs Certified NSS Gold Award • Certified at faster throughput (3Gbps) and lower latency (84 µsec) than any other IPS in the world • TippingPoint’s Intrusion Prevention System is the FIRST and ONLY product to win the coveted NSS Gold Award in the IPS space. Best Security Solution 2005 X-Series: • TippingPoint IPS Overall Winner in SC Global Awards • Over 1,000 products nominated • 2006 Winner – Best Integrated Security, Info Security • 2006 Winner of Best Product – Security Week Brazil • ICSA Labs Firewall and IPSec VPN Certification

  7. Gartner Magic Quadrant Leader

  8. The Growing Security Gap Security Demands Exceed Businesses Security Capacity • Increasing rate of new vulnerabilities and decreasing time to patch • IT complexity hinders security practice implementation • Increasing number of attacks and attackers • Walk-in worms, e-mail attacks, spyware • More connected end points on the network • Increasing number of applications • VoIP Deployment • Lack of IT resources

  9. Unwanted Applications, Unauthorized Access • Greater risk with file sharing • Increased demands on the infrastructure • Unwanted Spyware downloaded • Legal implications • Risk of infection (viruses, worms) • Damage to IT resources • Loss of productivity • Resource drain… • Hacking • Denial of Service Attacks • Buffer Overflows • Back Doors / Misconfiguration

  10. Proactive Defense Through Intelligence and Power Attacks are detected and blocked at full network speed. TippingPoint IPS functions as a “network patch” or “virtual software patch” Attacks are stopped before they can cause damage to your infrastructure.

  11. Closing the Gap with TippingPoint Intrusion Prevention • FROM: • Worms/Walk-in Worms • Viruses • Trojans • DDoS Attacks • Internal Attacks • Unauthorized Access • Spyware • PROTECTS: • Microsoft Applications & Operating Systems • Oracle Applications • Linux O/S • VoIP • FROM: • Worms/Walk-in Worms • Viruses • Trojans • DDoS Attacks • SYN Floods • Traffic Anomalies • PROTECTS: • Routers (e.g. Cisco IOS) • Switches • Firewalls (e.g. Netscreen, CheckPoint FW1) • VoIP • FROM: • Peer-to-Peer Apps • Unauthorized Instant Messaging • Unauthorized Applications • DDoS Attacks • PROTECTS: • Bandwidth • Server Capacity • Missions-Critical Traffic • High Performance Custom Hardware • Highly Advanced Prevention Filters • Constant Update Protection Service • 5 Gbps Throughput • Switch-Like Latency • 2M Sessions • 250K Sessions/Second • Total Flow Inspection • 64K Rate Shaping Queues • 10K Parallel Filters

  12. The Power of HardwareUncompromised Security and Performance No Compromise Compromise Performance For Security Compromise Security For Performance

  13. ICSA Labs First Round Testing Summary ICSA Network IPS Development (NIPD) Consortium Vendors ICSA Labs Certified Vendors 3 Gbps, 84 µsec latency 350 Mbps, 398 µsec latency 100 Mbps, 441 µsec latency

  14. Anti Phishing There are many opportunities along the “phishing path” to detect and prevent the attack. Phisher • Initial Web Site Compromise • Mass Phishing E-Mail • Victim Clicks on Misleading URL • Phish Web Site is Displayed • Victim Submits Account Information Compromises a host and installs a phish Web site and mass mailer 1 2 Sends out phishing e-mail 3 Victim clicks a phish URL 4 Phish Web site is viewed 5 Victim submits information Victim Web Server Victim Users

  15. TippingPoint Digital Vaccine The Digital Vaccine service is the most comprehensive, accurate and automatic protection service available. • Coverage • Vendors • Threat organizations • Independent researchers (ZDI) • Internal Threat Management Center • Timeliness • Weekly filter distribution • Zero Day Initiative • Same day Microsoft Tuesday coverage • Accuracy • Designed to block • 5 years of filter writing experience • No performance degradation • Extensibility • Signatures, vulnerabilities, traffic and protocol anomalies • New Threats: P2P, Instant Messaging, Spyware, Phishing, VOIP

  16. Centrally Managed, Distributed Deployment • Security Management Server Appliance • Easy Installation • Scalable/Fault Tolerant • High Availability • Enterprise-wide policy management • Per segment policy • Port-by-port policy • Device-by-device policy

  17. Current TippingPoint Product Line TippingPoint X505

  18. VOIPSA Leadership

More Related